<?php
    /**
     * Edit handler (AJAX).
     * For each file, copies it from temporary upload directory to
     * uploads directory.  Temporary directory assumed to be the
     * PHP specified temporary upload directory.
     */



include('./includes/dbconnection.php'); // open db connection
include('../includes/config.php');

// $result = mysql_query("SELECT * FROM Assets") or die(mysql_error());

// $sqlGetIDQuery = "INSERT INTO Assets (Title) values ('')";

// foreach ($_FILES as $fieldName => $file) {
//   move_uploaded_file($file['tmp_name'], "./uploads/" . $file['name']);
// }


// only allow one file to be uploaded at a time
// $tmpfname = tempnam("./uploads","u_");
// we toss away the name of the file uploaded
// move_uploaded_file($_FILES['file']['tmp_name'], "./uploads/" . $_FILES['file']['name']);
// The user may have entered this information as they were uploading.
// Title is what will be displayed in file tree
// Description will be displayed under tree view
// Path is a / separated "category"
// TODO: AddedUser, AddedDate to be completed
// $_REQUEST['Title']
// $_REQUEST['Description']
// $_REQUEST['Path']
// $_REQUEST['Media']
// $_REQUEST['AddedUser']
// $_REQUEST['AddedDate']

$sqlSetFields = "";
$sqlInsert = "";




if( isset($_REQUEST["Title"]) && !empty($_REQUEST["Title"])){
    $sqlSetFields .= ", Title=";
    $sqlSetFields .= "'".trim($_REQUEST["Title"])."'";
}

if(isset($_REQUEST["Description"]) && !empty($_REQUEST["Description"])){
    $sqlSetFields .= ", Description=";
    $sqlSetFields .= "'".trim($_REQUEST["Description"])."'";
}

if( isset($_REQUEST["Path"]) && !empty($_REQUEST["Path"])){
    $sqlSetFields .=", Path=";
    $sqlSetFields .= "'".trim($_REQUEST["Path"])."'";
}


if( $sqlSetFields != "" && isset($_REQUEST["ID"]) && !empty($_REQUEST["ID"])){


    $sqlSetFields = trim($sqlSetFields, ", ");

    $sqlUpdate = "UPDATE Assets SET ".$sqlSetFields." WHERE ID=".$_REQUEST["ID"];



    if (!mysql_query($sqlUpdate))
    {
        die('<HTML><BODY>Error: ' . mysql_error() .'<br/>'.$sqlUpdate.'</body></html>');
    } else {
        echo $sqlUpdate;

    }
}

// print_r($_REQUEST);
?>


